Assignment Task:
I. Purpose
The purpose of this document is to assess the security of I can read System, Inc.'s network. This assessment will identify any potential security risks and recommend solutions to mitigate those risks.
I can read system, Inc. is an advertising agency that manages an online database for their customers to upload and pay for their business ads for magazine placement. The company has requested that I can read system, Inc. network be assessed and verified as secure.
II. Scope
This assessment will cover I can read System, Inc.'s network infrastructure, including but not limited to routers, switches, firewalls, and wireless access points. Any systems connected to I can read System, Inc.'s network will also be in scope, as they could potentially be impacted by security vulnerabilities in the network infrastructure.
As the lead architect for this project, I have conducted an assessment of the I can read system, Inc. network and have found the following:
The network is comprised of the following components:
- A database server
- A web server
- An email server
Each of these servers is connected to the Internet and is accessible from the outside.
The database server is running Microsoft SQL Server and contains the following databases:
- A customer database
- An advertising database
The customer database contains customer information such as name, address, phone number, and credit card information. The advertising database contains information about the ads that have been placed, including the customer's name, the ad copy, and the date the ad was placed.
The web server is running Microsoft IIS and is used to host. I can read system, Inc. website. The website contains the following pages:
- A home page
- A customer login page
- A customer registration page
- An advertising placement page
The home page provides general information about the company and its services. The customer login page allows registered customers to login to their account. The customer registration page allows new customers should to create an account. The advertising placement page allows customers to select an ad space and place their ad.
III. Methodology
The email server is running Microsoft Exchange and is used to send and receive email for the I can read system, Inc. domain.
The network is secured using the following methods:
- The database server is behind a firewall
- The web server is behind a firewall
- The email server is behind a firewall
IV. Results
In addition, the following security measures are in place:
- The customer database is encrypted
- The advertising database is encrypted
- All communication between the servers is encrypted
- The web server has a SSL certificate
V. Recommendations
Based on the information gathered, I can read system, Inc. network is secure. The following recommendations are made to further secure the network:
- Implement two-factor authentication for the customer login page
- Implement two-factor authentication for the customer registration page
- Implement two-factor authentication for the advertising placement page
- Install a firewall
Two-factor authentication is an additional layer of security that requires the user to provide two pieces of information in order to login. This could be something like a password and a one-time code that is sent to the user's mobile phone.
Implementing two-factor authentication on the customer login page, customer registration page, and advertising placement page would make it more difficult for an attacker to gain access to customer accounts and data.
VI. Conclusion
This assessment has identified potential security risks in I can read System, Inc.'s network. By implementing the recommendations made in this report, I can read System, Inc. can significantly improve the security of their network.
Question:
Now that you have provided your security assessment, the next step is to provide I can read System, Inc with a Security Portfolio. Using this week's Reading on the NIST framework that includes the 5-step process for creating a balanced portfolio of security products, your assignment will be to create a Security Portfolio with the following sections:
1. Cover Page
2. Background (provide a synopsis of your security assessment on Vestige)
3. For each security need